Security of information used in early computer systems, which included a mainframe central processing unit (CPU) with user access being provided through dumb terminals, was accomplished by restricting access to the CPU. The CPU was the arbitrator of all computing resources involving sensitive information.
The introduction of the personal computer (PC) marked the beginning of a migration toward local rather than central processing, and the advent of client/servers. Again, conventional wisdom at first taught that sensitive information could be protected by restricting access to the PC or client/server.
Today's communications world is one of distributed computing, portable PCs with gigabyte memories, and LAN, WAN, Internet and cellular communications. Central CPU, client/server, and PC security is no longer sufficient to protect highly sensitive information.
The most widely accepted method of protecting information stored in a computer system or communicated over networks is the use of data encryption. Data encryption technology is basically classified into two technology types: symmetric or asymmetric. An example of a symmetric algorithm encryption is the Data Encryption Standard, FIPS PUB 46-2; DATA ENCRYPTION STANDARD (DES), Dec. 30, 1993. The RSA encryption technology named for its inventors, Rivest, Shamir, and Adleman, is an example of asymmetric or public key encryption.
Symmetric encryption uses the same key to both encrypt and decrypt an information file. Asymmetric encryption uses two keys which share a relationship such that information encrypted with one key can be decrypted only with the second key. Symmetric encryption is much faster than asymmetric encryption, and is therefore better suited for bulk encryption of data files.
Encryption algorithms further may be characterized as being either reversible or irreversible. Symmetric and asymmetric encryption algorithms are reversible. A reversible algorithm is one where data is recoverable from its encrypted state back to its cleartext state. An example of an irreversible algorithm is the secure hash algorithm as defined in FIPS PUB 180-1, SECURE HASH STANDARD (SHS), Apr. 17, 1995. Secure hash algorithms were originally used to detect alterations to an information file, whether intentional or unintentional. It is not surprising, therefore, that the output of the algorithm is called a message integrity code (MIC) or message digest (MD). Another characteristic of a hash algorithm is that the output is always the same binary length regardless of the size of the input. Thus, an input having a large binary length may be mapped to an output having a shorter binary length. Further, if only one bit in a message or file is changed, approximately 50% of the bits in the output change. There is no known relationship between the input and output of a hash algorithm which may be used to recover the input from the output. Thus, even brute force trial-and-error attacks become prohibitive in time and cost.
Encryption keys produced by a key generator further may be classified as deterministic or non-deterministic. A deterministic encryption key is one which is repeatable each time a specific input is applied to the encryption key generator. Different inputs produce different outputs. A non-deterministic encryption key is one which cannot be repeated with the same input to the key generator. For example, a random number generator provides a non-deterministic result.
The collective wisdom of the information security industry is that deterministic encryption keys are unsatisfactory because they are susceptible to cryptographic analysis. Such an analysis may reveal the inputs to an encryption algorithm which are required to generate an encryption key.
In order to introduce a higher degree of irreversibility, secure one-way hash functions such as that defined in "Secure Hash Standard", FIPS PUB 180-1 (Apr. 17, 1995), have been introduced into the key generation process. Since the bit length of the output of the secure hash algorithm remains the same no matter the bit length of the input, and the change in a single bit of the input dramatically affects the output, the output of a secure hash function is considered to be near irreversible because of the investment in time and cost necessary to reveal the inputs through brute force trial-and-error methods.
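The hash properties and the deterministic versus non-deterministic key distinction described above, as an added illustration written for this summary (not code from the patent or from any system it cites); the seed and constant values, and the plain concatenate-then-hash structure of derive_key, are assumptions and not the bit-shuffle of the present invention:

```python
import hashlib
import os

OUTPUT_BITS = 160  # SHA-1 (FIPS 180-1 SHS) always yields a 160-bit digest


def sha1_digest(data: bytes) -> bytes:
    """Many-to-few mapping: any input length maps to a 20-byte output."""
    return hashlib.sha1(data).digest()


def hamming_distance(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche_ratio(message: bytes) -> float:
    """Flip each input bit in turn and return the mean fraction of output
    bits that change per flip. For a secure hash this sits near 0.5."""
    base = sha1_digest(message)
    total = 0
    for bit_index in range(len(message) * 8):
        flipped = bytearray(message)
        flipped[bit_index // 8] ^= 1 << (bit_index % 8)
        total += hamming_distance(base, sha1_digest(bytes(flipped)))
    return total / (len(message) * 8 * OUTPUT_BITS)


def derive_key(seed: bytes, constant: bytes) -> bytes:
    """Deterministic key: the same secret seed and public constant always
    recreate the same key, so the key may be destroyed after use and
    regenerated later without a key directory. Assumed structure only."""
    return sha1_digest(seed + constant)


def random_key() -> bytes:
    """Non-deterministic key: a fresh random value that cannot be recreated
    from any repeatable input, so it must be stored if it is to be reused."""
    return os.urandom(OUTPUT_BITS // 8)


if __name__ == "__main__":
    # Constructed sample inputs
    print(len(sha1_digest(b"a" * 100000)))            # 20 bytes, any input size
    print(round(avalanche_ratio(b"constructed message"), 3))
    print(derive_key(b"secret-seed", b"ESN-0001").hex())
```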
Typical of encryption key generators used in prior systems are those disclosed in U.S. Pat. Nos. 5,060,263; 5,068,894; 5,153,919; 5,233,655; 5,309,516; 5,355,413; 5,361,062; and 5,367,572. None of these systems employs a many-to-few bit mapping to enhance the irreversibility of the encryption algorithm being used, and none except possibly the '516 and '919 patents employ irreversible algorithms. The '516 and '919 patents do not disclose the algorithms being used. Further, the encryption keys generated by the '263, '894, '655, '062 and '572 patents are not repeatable or deterministic. In addition, the secret input to the key generator disclosed in the '263, '894, '919, '655, '413, '062, and '572 patents is not sufficiently large to forestall discovery through cryptographic analysis. Lastly, the encryption keys generated in the '655, '062, and '572 patents do not serve as symmetric encryption keys.
Of the above patents, U.S. Pat. No. 5,153,919 appears to be the nearest prior art in that the disclosed encryption key generator requires the input of a constant value (ESN), a secret key (A-Key), and a random sequence, which are merely concatenated before being hashed to provide a shared secret data field (SSD). The method of generation, however, does not employ an A-Key of sufficient bit length or a bit-shuffling operation, as contemplated by the present invention, prior to the hashing operation. No meaningful barrier against discovery of the inputs to the concatenation function, therefore, is provided. The disclosed method and system do not employ a many-to-few bit mapping to further resist brute force trial-and-error attacks and cryptographic analysis attempts to discover the secrets of the encryption key generator function.
In the present invention, a method and system for generating a non-predictable but deterministic and symmetric encryption key is disclosed, which employs a many-to-few bit mapping and a combination bit-shuffle and secure hash to become highly resistant to cryptographic analysis and brute force trial-and-error attacks. The method and system further are highly resistant to attempts to discover the encryption key from knowledge of inputs of the key generator, and employ a secret E-Key Seed that is of sufficient bit length to be highly resistant to discovery through cryptographic analysis. The method and system of the present invention also substantially raise the efficiency of information security systems by accommodating the destruction of an encryption key after each use, and by recreating the key without need of key directories or other key records.